Systems and methods for assessing security for a network of assets and providing recommendations
First Claim
Patent Images
1. A computer-implemented method for determining an objective security assessment for a network, the method comprising:
- determining computer assets in the network;
determining an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network;
determining, by a processor, an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures;
determining at least one recommendation for improving the overall security score; and
outputting the at least one recommendation and the overall security score,wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, andwherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets.
5 Assignments
0 Petitions
Accused Products
Abstract
A security assessment tool can determine computer assets in a network and provide an overall security score for the network. The overall security score can represent an objective measure of the security of the network that considers potential security threats to the computer assets, counter measures deployed in the network to address the potential security threats, and the effectiveness of the counter measures. Based on the overall security assessment, the security assessment tool can provide recommendations for improving the security of the network.
10 Citations
39 Claims
-
1. A computer-implemented method for determining an objective security assessment for a network, the method comprising:
-
determining computer assets in the network; determining an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network; determining, by a processor, an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures; determining at least one recommendation for improving the overall security score; and outputting the at least one recommendation and the overall security score, wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, and wherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for determining an objective security assessment, the system comprising:
-
a network interface to a network of computer assets; one or more memory device storing instructions; and one or more processors coupled to the network interface and the one or more memory devices, the one or more processors being configured to execute the instructions to perform a method comprising; determining computer assets in the network; determining an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network; determining an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures; determining at least one recommendation for improving the overall security score; and outputting the at least one recommendation and the overall security score, wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, and wherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A non-transitory computer readable storage medium comprising instructions for causing one or more processors to perform a method for determining an objective security assessment for a network, the method comprising:
-
determining computer assets in the network; determining, by a security assessment tool, an actual deployment of counter measures associated with the network, wherein the counter measures address potential security threats to the network; determining, by a processor, an overall security score for the network based at least in part on the actual deployment of the counter measures and an effectiveness of the counter measures; determining at least one recommendation for improving the overall security score; and outputting the at least one recommendation and the overall security score, wherein the overall security score comprises a security score of each of the counter measures associated with the computer assets, the security score of each of the counter measures being based at least in part on an actual effectiveness score that represents the actual deployment of each of the counter measures and a possible effectiveness score that represents a possible deployment of each of the counter measures, and wherein outputting the at least one recommendation and the overall security score further comprises outputting the security score of each of the counter measures deployed on the computer assets. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
Specification